SEXUAL HARRASSMENT LAWSUIT

THE SITUATION
Susan R., a long-time employee with a solid work history, has alleged sexual harassment in a lawsuit against her employer within a few months of being assigned a new male supervisor. She alleges that previous oral and e-mail complaints directly submitted to the supervisor have been ignored, and that her complaints to HR have resulted in a "he said, she said" discussion where the supervisor's denials were accepted at face value.

CURRENT TECHNOLOGY
If the potential damages and other circumstance warrant it (usually where other employees have also come forward), plaintiff's attorney will try to compel discovery through the company e-mail systems and other conversational records and documents - when that fails as overbroad, they are usually successful seeking forensic examination of computer hard drives belonging to the specific individuals and witnesses involved.

Forensic hard-drive examination is problematic on several levels. First, it is extremely disruptive for the company and the individuals because those hard drives or computers must be replaced and their contents reconstructed in order for the employee to continue doing their jobs.
Secondly, information stored statically on a hard drive rarely has complete context (background information useful for determining its value or meaning).

There are three common examples I use to illustrate the problem. The first is a case where a document is passed around for editing. It is impossible to reliably reconstruct a from a single image of a static file a document in the form it was originally received once it has been edited and replaced back into the same file. The second example is where a friend of yours has sent you a dirty joke as an attachment to an e-mail. You choose not to read the joke at work (or perhaps ever), but you forward the e-mail to your home or personal e-mail account. The problem is that the entirety of the original e-mail, including the dirty joke attachment, is now stored on your hard drive in various ways (temp file, cache, history, and e-mail backup). There is no record whether you did or did not read that attachment on company time (some e-mail systems may record whether you clicked on an e-mail, but not how much time you spent reading it or whether you opened or saved attachments). The assumption that will be made by the adversarial attorney is that you in fact are responsible for all of the negative content on your hard drive, regardless of source or your own actions (actions you can neither prove or disprove).

The third example concerns the amount of information displayed on a computer screen. Only a small percentage of most Web sites, documents, images, and certainly animated movies, can appear totally within the small area of a computer screen. Since a static image of your hard drive file contains no scrolling, mouse click, or keystroke information to say where you went in a file or how long you stayed there, it is not possible to know (or defend yourself against) how much of that document you did or did not see, much less absorb. But again, hard drive forensics examination tends to hold the hard drive owner responsible for the entirety of the files stored on the hard drive - for shared computers where files are stored by many users into common areas of the hard drive, the situation becomes much more complicated.

THE VIEWSENDER SOLUTION
viewSender records only what actually appears on the screen (contents that can more reasonably be assumed to have been viewed if a user is known, through keystrokes and mouse-clicks, to be present). It records very accurately view and activity timestamps, and reduces all text on the screen into searchable text files. If an attachment was actually opened on that computer, viewSender would have recorded the window displaying the attachment (assuming reasonable monitoring settings), and snapshots before and after it was opened to establish a timeframe. Unique text within a captured image can be searched for other occurrences within the captured information for that computer, as well as for other computers - which means you can trace the progress and distribution of an item as it coursed its way through an organization. Investigations involving viewSender records can be done at the viewSender Server and do not require any disruption or removal of the monitored computer(s).

But viewSender's capabilities at trial, no matter how superior, pale in comparison to the three things it can do no forensic hard drive analysis ever will: detect, investigate and help mitigate a workplace situation before any lawyer becomes involved. viewSender (with a proper keyword list) would have detected the e-mail complaints submitted to the supervisor as well the conversations between the complainant and her co-workers about the supervisor's behavior. It quite likely would have detected other hot-button text items that would have indicated a potential problem before any formal complaint was submitted (suggestive, leading, denigrating or insensitive keywords in the supervisor's e-mails or other computer-based communications).

This ability to detect potentials and take pre-emptive action is incredibly valuable - the damages to an organization, including actual and hidden costs, can be extreme and last for years, resulting in lost production, morale issues, loss of valuable employees, and inability to attract qualified replacements, in addition to the monetary costs. When failure to anticipate or correct problems involves employees still on the job and results in Equal Employment Opportunity Commission actions or a civil lawsuit, the problems are exacerbated because usually the offended (and sometimes the offender) are protected from dismissal, discipline or other corrective action until the matter is settled legally.